Technical Description V2017-04

Information about the technical description of the BiosistoChart

Introduction

BiosistoChart is an internet application available at https://www.biosistochart.com/. The application runs on a secure application environment of Microsoft and can be accessed with an account and password from Biosisto. The account created by Biosisto can only be used for BiosistoChart.

It is also possible to use an existing Microsoft Office 365 account. We can authorize an Office 365 account to use BiosistoChart, which enhances the user experience (single sign-on).

BiosistoChart is divided into two parts: the website and the web API. Both are developed in commissioned by Biosisto. Biosisto is the legal owner of the source.

Housing

BiosistoChart is hosted by Microsoft on their Azure platform. We use Azure App services to service the system. We have two Azure environments, one for testing and validation and a production platform. Customers have only access to the production platform.

Authentication

The website uses OpenID Connect (oAuth flow) against an Azure Active Directory. The API uses Bearer token authentication also against an Azure Active Directory. We have used the standard Microsoft services and tools to develop this functionality. All traffic between the website and API is encrypted with SSL.

Programming

In general, all user actions are treated as not safe and are validated. The front-end is protected by code from library’s jQuery and AngulaJS in combination with Microsoft Entity Framework in the back-end.

Data storage

All data is stored in a SQL database. This database is only available from a few IP addresses and generally only addressable from the web API.
All data is stored in several entities and tables and is not directly pointable to any customer.
See also Backup and Restore • BiosistoChart User Guide (biosistostandard.com)

Security

We use the standard Azure security options and firewalls.

Back-up

We use the standard backup and restore options from Microsoft Azure.
See also Backup and Restore • BiosistoChart User Guide (biosistostandard.com)

Validation

The functionality is tested and validated by Biosisto. A validation certificated is available for our customers.

Audit and logging

All mutations on the data in the system are logged and recorded. These read-only logging is available for the user in the system. It is possible to see when and who entered or changed data entries. All data entries are logged in the system.

Biosisto - Quality in Control

Microbiological laboratories should be able to receive reliable analysis without much overhead. A microbiological analyst must be able to focus on the primary activities, for example analysis of the sample material. Quality control should support the analyst in a logical and simple manner. By using modern information technology, process control and quality assurance are designed smarter and more effective.

Biosisto b.v.
Martin Luther Kingweg 3
9403 PA Assen, The Netherlands
www.biosisto.com

BiosistoStandard